TrendMicro Reports An Increase in Macro-based Spams
Macro have been used to automate certain tasks with Microsoft office applications like Microsoft Word documents and Microsoft Excel spreadsheets. cyber-criminals have been using this to include their malicious script and embed them with macros.
TrendMicro have released a new post describing this issue and how they have spotted Banking Trojan DRIDEX Uses Macros for Infection, ROVNIX that Infect Systems with Password-Protected Macros or Banking Malware VAWTRAK.
All of the cases reported are circulating using emails as a spam message the first sourced from air canada with order number completed in the subject and attaching BARTALEX malware. second spam message have XLS attachment that include banking malware ROVNIX, VAWTRAK, DRIDEX, and NEUREVT aka Beta Bot.
Chart for the amount of spam message with macro and UPATRE-related files sourced TrendMicro
Looking at the chart we notice a general increase in the number of spam and macro malicious spams average is also increasing. To protect your self make sure to update Microsoft office application to fix vulnerabilities that can be used by malicious files, enable the macro security features and ignore emails from unknown sources.